Date: Sun, 17 Jun 2012 12:32:19 -0700 (PDT) From: Jason Fesler <jfesler@gigo.com> To: freebsd-net@freebsd.org Subject: ipfw and ipv6 mask/masklen Message-ID: <alpine.BSF.2.00.1206171228020.24374@goat.gigo.com>
index | next in thread | raw e-mail
For IPv4, I see this with ipfw:
addr/masklen
Matches all addresses with base addr (specified as an IP
address, a network number, or a hostname) and mask width
of masklen bits. As an example, 1.2.3.4/25 or 1.2.3.0/25
will match all IP numbers from 1.2.3.0 to 1.2.3.127 .
Does anyone have a suggestion on how to do similar for IPv6?
I want to block specific Teredo/IPv4 addresses; the IPv4 address is
encoded at the end. The bits in the middle are variable per connection
(with the port number being part of the variable).
I don't want to block out Teredo entirely (or even a specific relay
entirely), as that would be overboard for my needs. So, CIDR notation
prefix/length matching won't work.
--
Jason Fesler, email/jabber <jfesler@gigo.com> resume: http://jfesler.com
"Give a man fire, and he'll be warm for a day;
set a man on fire, and he'll be warm for the rest of his life."
home |
help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.1206171228020.24374>